On Fri, Oct 29, 2021 at 1:01 AM elettrino via Bug reports for the GNU Bourne Again SHell <bug-bash@gnu.org> wrote:
> user@machine:~$ USER_INPUT='x[$(id>&2)]'
> user@machine:~$ test -v "$USER_INPUT"
> uid=1519(user) gid=1519(user) groups=1519(user),100(users)
>

What you're doing here, is having the user name a variable, and then testing if that variable is set. I'm not sure if that makes much sense. The user probably doesn't and shouldn't need to know the names of the variables used by the script.

It might make more sense to use USER_INPUT as an index to an associative array that was filled with some relevant entries and the user was to pick one. But you still get to watch the quoting:

    $ declare -A values=([foo]=123 [bar]=345)
    $ USER_INPUT='x[$(id>&2)]'; test -v 'values[$USER_INPUT]' && echo yes || echo no
    no
    $ USER_INPUT='foo'; test -v 'values[$USER_INPUT]' && echo yes || echo no
    yes

(or do the same with [ "${values[$USER_INPUT]+set}" = set ] )

but

    $ USER_INPUT='x[$(id>&2)]'; test -v "values[$USER_INPUT]" && echo yes || echo no
    uid=1000(itvirta) gid=1000(itvirta) ...
    no

Not that I'm sure the upper one is still safe against every input. I think issues with associative array keys have been discussed on the list before.

> I don't know whether this happens with anything other than the -v option
> with test; I have not seen it happen under any other circumstance.
>

Arithmetic expansion is the classic one. Here, we expect the user to give some number and then do arithmetic on it:

    USER_INPUT='x[$(id>&2)]'
    a=$(( USER_INPUT + 1 ))
    # or even:
    if (( USER_INPUT <= 0 )); then echo invalid input; fi

You have to sanitize the inputs,

    case $USER_INPUT in *[!0-9]*) echo error >&2; exit 1 ;; esac

or something like that for the numbers.
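
Added example, not part of the original message: a stricter form of the digit check suggested above, which goes a little further by also rejecting empty input, removing leading zeros (so the value is not read as octal), and capping the length. The names parse_uint and add_one and the 18-digit limit are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: validate untrusted text before it reaches an arithmetic context.

# parse_uint VALUE
# Prints VALUE as a canonical base-10 integer and returns 0, or prints
# nothing and returns 1. The body is a subshell so LC_ALL=C stays local.
parse_uint() (
    LC_ALL=C                       # make [0-9] mean ASCII digits only
    n=$1
    case $n in
        '' | *[!0-9]*) exit 1 ;;   # empty, or any character that is not a digit
    esac
    # Strip leading zeros: "010" would otherwise be read as octal 8, and
    # "08" would be rejected by the shell as an invalid octal number.
    zeros=${n%%[!0]*}
    n=${n#"$zeros"}
    [ -n "$n" ] || n=0             # input was all zeros
    # 18 digits always fit in a signed 64-bit integer; longer values could wrap.
    [ "${#n}" -le 18 ] || exit 1
    printf '%s\n' "$n"
)

# add_one VALUE: arithmetic only ever sees the validated, canonical number.
add_one() {
    n=$(parse_uint "$1") || { echo "invalid number" >&2; return 1; }
    printf '%s\n' "$(( n + 1 ))"
}

# Constructed sample inputs, including the string from the message above.
for input in 41 08 '' 'x[$(id>&2)]'; do
    add_one "$input" || true
done
```

The string from the message is rejected by the case pattern before any arithmetic expansion happens, so the embedded command substitution is never evaluated.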